Businesses are being warned to be extra vigilant when receiving email invoices. A new phishing scam is doing the rounds, which targets businesses by using fake invoices and attachments.
How does the scam work?
The scam will appear as an email with an attachment. It may say you need to pay an invoice or sometimes that it has already been paid. Naturally, users click to download the attachment to open up the invoice and find out what they’re being charged for. This is when the email unleashes embedded code onto your computer, which can be used to launch malware and viruses, and steal personal data from your PC.
Due to the nature of the attack, the scam is able to bypass usual security software. However, cloud users can rest assured that they are safe from this form of attack because information is stored online, rather than on a local PC.
What to watch out for
The email may look like it comes from a legitimate company because it comes from an email address which appears to be associated with a large organisation. However, look twice before you open the file. Some of the main clues that this is a phishing attack rather than a real invoice include:
1. There may be spelling and grammatical errors
2. There may be no email signature
3. The email contains only a single line of text, and no personal greeting
However, these emails can be made to look very professional, so be wary of any invoice you are not expecting. Also, it is imperative that you make sure your employees – particularly those who deal with payments – are aware of the scam.
If you need further details about protecting your business from phishing attacks like these, please do contact EvoSoft. We are more than happy to help you ensure your business benefits from the highest level of security.
